Skip to content

Attach Sui binaries to a release #418

Attach Sui binaries to a release

Attach Sui binaries to a release #418

Workflow file for this run

name: Attach Sui binaries to a release
on:
release:
types: [ published ]
workflow_dispatch:
inputs:
sui_tag:
description: 'Sui repo tag to build from'
type: string
required: true
env:
TAG_NAME: "${{ github.event.inputs.sui_tag || github.ref }}"
BINARY_LIST_FILE: "./binary-build-list.json"
CARGO_TERM_COLOR: always
# Disable incremental compilation.
#
# Incremental compilation is useful as part of an edit-build-test-edit cycle,
# as it lets the compiler avoid recompiling code that hasn't changed. However,
# on CI, we're not making small edits; we're almost always building the entire
# project from scratch. Thus, incremental compilation on CI actually
# introduces *additional* overhead to support making future builds
# faster...but no future builds will ever occur in any given CI environment.
#
# See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow
# for details.
CARGO_INCREMENTAL: 0
# Allow more retries for network requests in cargo (downloading crates) and
# rustup (installing toolchains). This should help to reduce flaky CI failures
# from transient network timeouts or other issues.
CARGO_NET_RETRY: 10
RUSTUP_MAX_RETRIES: 10
# Don't emit giant backtraces in the CI logs.
RUST_BACKTRACE: short
TMP_BUILD_DIR: ${{ github.workspace }}'/tmp/release'
jobs:
release-build:
name: Build & Publish Binaries
timeout-minutes: 80
strategy:
matrix:
os:
[
# ubuntu-ghcloud, # ubuntu-x86_64
windows-latest # windows-x86_64
# macos-latest-xl, # macos-x86_64
# macos-latest-xlarge # macos-arm64
]
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- name: Clean up and validate ${{ env.TAG_NAME }} tag name
shell: bash
run: |
export sui_tag=$(echo ${{ env.TAG_NAME }} | sed s/'refs\/tags\/'//)
[[ "${sui_tag}" == "main" ]] && echo "tag cannot be equals to 'main'" && exit 1
echo "sui_tag=${sui_tag}" >> $GITHUB_ENV
export sui_version=$(echo ${sui_tag} | sed -e 's/mainnet-v//' -e 's/testnet-v//')
echo "sui_version=${sui_version}" >> $GITHUB_ENV
- name: Check out ${{ env.sui_tag }}
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3
with:
ref: ${{ env.sui_tag }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # pin v4.0.2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
- name: Set os/arch variables (Windows)
if: ${{ matrix.os == 'windows-ghcloud' }}
shell: bash
run: |
export arch=$(uname -m)
export os_type="windows-${arch}"
echo "os_type=${os_type}" >> $GITHUB_ENV
echo "extention=$(echo ".exe")" >> $GITHUB_ENV
- name: Set os/arch variables
if: ${{ matrix.os != 'windows-ghcloud' }}
shell: bash
run: |
export arch=$(uname -m)
export system_os=$(echo ${{ matrix.os }} | cut -d- -f1)
export os_type="${system_os}-${arch}"
echo "os_type=${system_os}-${arch}" >> $GITHUB_ENV
- name: Check if archive have already been published
continue-on-error: true
shell: bash
run: |
echo "s3_archive_exist=$(curl -Is https://sui-releases.s3.us-east-1.amazonaws.com/releases/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz | head -n 1 | grep '200 OK')" >> $GITHUB_ENV
- name: Download archive, if it exists
if: ${{ env.s3_archive_exist != '' }}
shell: bash
run: |
mkdir -p ${{ env.TMP_BUILD_DIR }}
aws s3 cp s3://sui-releases/releases/sui-${{ env.sui_tag }}-${os_type}.tgz ./tmp/sui-${{ env.sui_tag }}-${os_type}.tgz
tar -xvf ./tmp/sui-${{ env.sui_tag }}-${os_type}.tgz -C ${{ env.TMP_BUILD_DIR }}
- name: Setup caching
if: ${{ env.s3_archive_exist == '' }}
uses: bmwill/rust-cache@v1 # Fork of 'Swatinem/rust-cache' which allows caching additional paths
- name: Install nexttest (Windows)
if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' }}
uses: taiki-e/install-action@33022ba120c3f523d134bbbee12278fc11a3df1a # pin@nextest
- name: Install postgres (Windows)
if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' }}
shell: bash
run: |
choco install postgresql12 --force --params '/Password:root'
echo "C:\Program Files\PostgreSQL\12\bin" >> $GITHUB_PATH
echo "C:\Program Files\PostgreSQL\12\lib" >> $GITHUB_PATH
echo "PQ_LIB_DIR=C:\Program Files\PostgreSQL\12\lib" >> $GITHUB_ENV
echo "PG_DATABASE_URL=postgres://postgres:root@localhost/" >> $GITHUB_ENV
echo "PG_EXAMPLE_DATABASE_URL=postgres://postgres:root@localhost/diesel_example" >> $GITHUB_ENV
- name: Install postgres (Mac arm64)
if: ${{ matrix.os == 'macos-latest-xlarge' && env.gcloud_archive_exist == '' }}
shell: bash
env:
PQ_LIB_DIR: "$(brew --prefix libpq)/lib"
LIBRARY_PATH: "/opt/homebrew/lib:$LIBRARY_PATH"
PKG_CONFIG_PATH: "/opt/homebrew/lib/pkgconfig:$PKG_CONFIG_PATH"
PATH: "/opt/homebrew/bin:$PATH"
run: |
brew install postgresql
- name: Cargo build for ${{ matrix.os }} platform
if: ${{ env.s3_archive_exist == '' }}
shell: bash
run: |
[ -f ~/.cargo/env ] && source ~/.cargo/env ; cargo build --bin sui --release --features indexer && mv target/release/sui target/release/sui-pg
[ -f ~/.cargo/env ] && source ~/.cargo/env ; cargo build --release && cargo build --profile=dev --bin sui
- name: Rename binaries for ${{ matrix.os }}
if: ${{ env.s3_archive_exist == '' }}
shell: bash
run: |
mkdir -p ${{ env.TMP_BUILD_DIR }}
[ ! -f ${{ env.BINARY_LIST_FILE }} ] && echo "${{ env.BINARY_LIST_FILE }} cannot be found" && exit 1
for binary in $(cat ${{ env.BINARY_LIST_FILE }} | jq -r '.release_binaries[]'); do
export binary=$(echo ${binary} | tr -d $'\r')
mv ./target/release/${binary}${{ env.extention }} ${{ env.TMP_BUILD_DIR }}/${binary}${{ env.extention }}
done
# sui-pg is a special binary that is built with the indexer feature for sui start cmd
export binary=$(echo "sui-pg" | tr -d $'\r')
mv ./target/release/${binary}${{ env.extention }} ${{ env.TMP_BUILD_DIR }}/${binary}${{ env.extention }}
mv ./target/debug/sui${{ env.extention }} ${{ env.TMP_BUILD_DIR }}/sui-debug${{ env.extention }}
tar -cvzf ./tmp/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz -C ${{ env.TMP_BUILD_DIR }} .
[[ ${{ env.sui_tag }} == *"testnet"* ]] && aws s3 cp ./tmp/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz s3://sui-releases/releases/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz || true
- name: Publish Windows sui binary to Chocolatey
if: ${{ matrix.os == 'windows-ghcloud' && contains( env.sui_tag, 'testnet') }}
continue-on-error: true
shell: bash
run: |
choco install checksum
cd ${{ github.workspace }}
export sui_sha=$(checksum -t sha256 ${{ env.TMP_BUILD_DIR }}\sui.exe)
echo ${sui_sha}
pwd
cd chocolatey
cat <<EOF >>VERIFICATION.txt
Sui Binary verification steps
1. Go to https://github.com/MystenLabs/sui/releases/download/${{ env.sui_tag }}/sui-${{ env.sui_tag }}-windows-x86_64.tgz
2. Extract sui-windows-x86_64.exe
3. checksum.exe -t sha256 sui-windows-x86_64.exe: ${sui_sha}
File 'LICENSE.txt' is obtained from: https://github.com/MystenLabs/sui/blob/main/LICENSE
EOF
choco pack --version ${{ env.sui_version }} configuration=release
choco apikey --api-key ${{ secrets.CHOCO_API_KEY }} --source https://push.chocolatey.org/
choco push sui.${{ env.sui_version }}.nupkg --source https://push.chocolatey.org/
# - name: Upload release artifacts for ${{ matrix.os }} platform
# uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin@v3
# with:
# name: sui-binaries-${{ matrix.os }}
# if-no-files-found: error
# path: |
# ./tmp/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz
# - name: Attach artifacts to ${{ env.sui_tag }} release in GH
# uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # pin@v1
# with:
# tag_name: ${{ env.sui_tag }}
# files: |
# ./tmp/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz
# update-homebrew-formula:
# name: Run brew bump-formula-pr for sui on testnet releases
# needs: release-build
# runs-on: ubuntu-latest
# # releasing sui cli on testnet releases because it lags `main` less than mainnet, but is more likely to be stable than devnet
# if: ${{ contains( inputs.sui_tag, 'testnet') || contains( github.ref, 'testnet') }}
# steps:
# - name: Clean up tag name ${{ env.TAG_NAME }}
# shell: bash
# run: |
# echo "sui_tag=$(echo ${{ env.TAG_NAME }} | sed s/'refs\/tags\/'//)" >> $GITHUB_ENV
# echo "versionless_tag=$(echo ${{ env.TAG_NAME }} | sed s/'refs\/tags\/'// | sed s/'testnet\-v'//)" >> $GITHUB_ENV
# - uses: mislav/bump-homebrew-formula-action@b3327118b2153c82da63fd9cbf58942146ee99f0 # pin@v3
# with:
# formula-name: sui
# create-pullrequest: true
# tag-name: "${{ env.sui_tag }}"
# commit-message: |
# {{formulaName}} ${{ env.versionless_tag }}
# Created by https://github.com/mislav/bump-homebrew-formula-action
# From release: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
# env:
# # https://github.com/settings/tokens/new?scopes=public_repo,workflow
# COMMITTER_TOKEN: ${{ secrets.HOMEBREW_GH_FORMULA_BUMP }}
# update-homebrew-tap:
# name: Update mysten-tap sui.rb file
# needs: release-build
# runs-on: ubuntu-latest
# if: ${{ contains( inputs.sui_tag, 'testnet') || contains( github.ref, 'testnet') }}
# steps:
# - name: Clean up tag name ${{ env.TAG_NAME }}
# shell: bash
# run: |
# echo "sui_tag=$(echo ${{ env.TAG_NAME }} | sed s/'refs\/tags\/'//)" >> $GITHUB_ENV
# # Checkout MystenLabs/homebrew-tap
# - name: Checkout Target Repository
# uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin@v3
# with:
# repository: MystenLabs/homebrew-tap
# # @john's PAT, needs to be rotated jan 5 2025
# token: ${{ secrets.HOMEBREW_TAP_REPO_READ_WRITE }}
# ref: main
# fetch-depth: 0
# # Download all artifacts from the previous job
# - name: Download all artifacts
# uses: actions/download-artifact@cbed621e49e4c01b044d60f6c80ea4ed6328b281 # pin@v2
# - name: Fetch Ubuntu x86_64 Binary and Compute SHA256
# shell: bash
# run: |
# echo "sha256_ubuntu_release=$(sha256sum sui-binaries-ubuntu-ghcloud/sui-${{ env.sui_tag }}-ubuntu-x86_64.tgz | awk '{print $1}')" >> $GITHUB_ENV
# echo "sha256_macos_x86_release=$(sha256sum sui-binaries-macos-latest-xl/sui-${{ env.sui_tag }}-macos-x86_64.tgz | awk '{print $1}')" >> $GITHUB_ENV
# echo "sha256_macos_arm_release=$(sha256sum sui-binaries-macos-latest-xlarge/sui-${{ env.sui_tag }}-macos-arm64.tgz | awk '{print $1}' )" >> $GITHUB_ENV
# # Install Jinja2 for templating
# - name: Install Jinja2
# run: pip install jinja2
# - name: Apply Jinja2 Template and Update Formula
# run: |
# python3 - <<EOF
# import jinja2
# import os
# # Load the template
# template_loader = jinja2.FileSystemLoader(searchpath="./template")
# template_env = jinja2.Environment(loader=template_loader)
# template = template_env.get_template("sui.rb.j2")
# version = "${{ env.sui_tag }}".removeprefix("testnet-v")
# # Render the template with variables
# output = template.render(
# version=version,
# linux_sha256="${sha256_ubuntu_release}",
# macos_intel_sha256="${sha256_macos_x86_release}",
# macos_arm_sha256="${sha256_macos_arm_release}"
# )
# # Write the output to the formula file
# with open("Formula/sui.rb", "w") as file:
# file.write(output)
# EOF
# # Commit and Push to Target Repository
# - name: Commit and Push to Target Repository
# uses: github-actions-x/commit@722d56b8968bf00ced78407bbe2ead81062d8baa # [email protected]
# with:
# github-token: ${{ secrets.HOMEBREW_TAP_REPO_READ_WRITE }}
# commit-message: "Update Homebrew formula for release ${{ env.sui_tag }}"
# files: Formula/sui.rb
# push-branch: main
# rebase: 'true'
# force-add: 'true'
# name: ${{ github.triggering_actor }}
# email: ${{ github.triggering_actor }}@users.noreply.github.com
# # Tag all sui images with release tag, so that they can be easily found
# tag-docker-hub-images:
# runs-on: ubuntu-latest
# steps:
# - name: Dispatch Tagging of images in DockerHub, in MystenLabs/sui-operations
# uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # [email protected]
# with:
# repository: MystenLabs/sui-operations
# token: ${{ secrets.DOCKER_BINARY_BUILDS_DISPATCH }}
# event-type: tag-docker-images
# client-payload: '{"sui_commit": "${{ github.sha }}", "repo_name": "all", "tag": "${{ env.TAG_NAME }}"}'